Online Payment Fraud Surges by 208% Ahead of Black Friday

Online payment fraud surged by 208% between September and October 2021, indicating that scammers are ramping up attacks on online shoppers in the build-up to this year’s Black Friday.

In a new report, cybersecurity vendor Kaspersky discovered 1,935,905 financial phishing attacks disguised as e-payment systems in October 2021. This is more than double the 627,560 attacks detected in the previous month.

Interestingly, the researchers didn’t observe any seasonal trends for other types of phishing related to online shopping in the first 10 months of 2021. The emphasis on e-payment systems is believed to be linked to the introduction of new payment systems in many countries this year following the shift to online shopping during COVID-19.

The team also detected 221,745 spam emails containing the words ‘Black Friday’ from October 27 to November 19, providing further evidence that fraudsters are trying to take advantage of the biggest shopping day of the year.

In total, Kaspersky reported seeing 40 million phishing attacks targeting e-commerce and e-shopping platforms from January to October 2021.

Of the online shopping platforms, Amazon was consistently the most popular phishing lure used by scammers. Next was eBay, followed by Alibaba and Mercado Libre.

Tatyana Shcherbakova, security expert at Kaspersky, commented: “We always witness intensified scamming activity amid the Black Friday season. Perhaps a bit more unexpected is the attention being paid to e-payment systems. This time, we discovered a huge increase of 208% in the number of attacks mimicking the most popular payment systems. Of course, every new payment application is seen by scammers as a new opportunity to potentially exploit users.

“So, in order to protect your data and finances, it will be a safe practice to make sure the online payment page is secure: you’ll know it is if the web page’s URL begins with HTTPS instead of the usual HTTP and an icon of a lock will also typically appear beside the URL.”

What’s Hot on Infosecurity Magazine?